<?php 
	require_once("../_inc/sessions.php"); 

	if ($_SERVER['HTTP_HOST']==$_SERVER['SERVER_NAME']) {

		require_once("../_inc/functions.php"); 
		require_once("../_inc/connection.php"); 
		require_once("../_inc/form_functions.php"); 

		date_default_timezone_set('Asia/Bangkok');

		if (isset($_POST['str'])) {
			$json = trim(mysql_prep($_POST['str']));
			$str = json_decode(str_replace("\\", "", $json), true); // stripe out backward slash

			$data['f'] = "0";

			switch (trim(mysql_prep($str['act']))) {
				case 'wup':
					if ($str['web1']==$str['web2']) {
						$column = array(
								'hpwd'	=> sha1($str['web2'])
								);

						foreach ($column as $key => $value) { $ins[] = "$key='{$value}'"; }
						$ins_str = implode(',',$ins);
						$query = "UPDATE `user` SET ".$ins_str." WHERE id=1 LIMIT 1";
								mysql_query("SET NAMES 'utf8'",$connection); 
								$result = mysql_query($query, $connection);
								confirm_query($result);
								if (mysql_affected_rows()) {
									$data['f'] = "1";
								}
					}
					break;

				case 'tup':
					if ($str['tor1']==$str['tor2']) {
						$column = array(
								'hpwd'	=> sha1($str['tor2'])
								);

						foreach ($column as $key => $value) { $ins[] = "$key='{$value}'"; }
						$ins_str = implode(',',$ins);
						$query = "UPDATE `user` SET ".$ins_str." WHERE id=2 LIMIT 1";
								mysql_query("SET NAMES 'utf8'",$connection); 
								$result = mysql_query($query, $connection);
								confirm_query($result);
								if (mysql_affected_rows()) {
									$data['f'] = "1";
								}
					}
					break;
				case 'mup':
					$uid = $str['uid'];
					if (is_numeric($uid)) {
						$column = array(
								'hpwd'	=> sha1($str['my2'])
								);
						foreach ($column as $key => $value) { $ins[] = "$key='{$value}'"; }
						$ins_str = implode(',',$ins);
						$query = "UPDATE `user` SET ".$ins_str." WHERE id='{$uid}' LIMIT 1";
								mysql_query("SET NAMES 'utf8'",$connection); 
								$result = mysql_query($query, $connection);
								confirm_query($result);
								if (mysql_affected_rows()) {
									$data['f'] = "1";
								}
						break;
					}
				
				default: break;
			}
		}
		echo json_encode($data);

		mysql_close($connection);
	}
			
?>